пятница, 24 июня 2016 г.

PT Application Inspector provides several approaches to analysis of the source code written in different programming languages:

Search by signatures.

Exploring the properties of mathematical models derived from the static abstract interpretation of code.

Dynamic analysis of the deployed application and verification of the static analysis results.

This series of articles focuses on the structure and operation principles of the signature analysis module (PM, pattern matching). The key benefits of such an analyzer include high performance, simplicity of pattern description, and scalability across various languages. The disadvantage of this approach is that the module is not able to analyze complex vulnerabilities, which require developing high-level models of code execution.

The following requirements have been defined for the module under development:

Capability of working with multiple programming languages and the option to add new ones easily.

Functionality that allows analysis of the code containing syntactic and semantic errors.

Capability of describing patterns using a common programming language (DSL, domain specific language).

In this case, all the patterns describe flaws or vulnerabilities in the source code.

Обо мне

This is the blog from the research, development and corporate team at Positive Technologies.
In a world increasingly run on code, vulnerable software presents a huge risk to all areas of business and critical infrastructure, a problem we believe will believe only grow in scale, complexity and seriousness. We analyse these vulnerabilities in one of Europe’s largest specialist laboratories, helping keep companies and people safe the world over.